In RSA scheme using the Chinese remainder theorem, the following values are precomputed and stored as a public key:
p,q&\text{ are primes from key generation}\\
d_{p} =& d \pmod{p-1}\\
d_{q} =& d \pmod{q-1}\\
d_{inv} =& d^{-1} \pmod{p}\\\end{aligned}" />

Therefore, we can compute the message from given ciphertext more effienctly as follow:
m_1&=&c^{d_p}\mod{p}\\
m_2&=&c^{d_q}\mod{q}\\
h&=&q_inv\left(m_1-m_2\right)\mod{p} \\
m&=&m_2+hq\\\end{aligned}" />

This scheme is more efficient than computing because these two modular exponentiations both use a smaller exponent and a smaller modulus.

Note that the exponents are reduced module p-1 and q-1. This can be done using Fermat’s little theorem because p and q.Then, we recombine the; that is, we find a number m such that:
m = (M^d \bmod N) \mod q\\" />

Because of the Chinese Remainder Theorem (and because p and q are relatively prime), we can immediately deduce that: which is exactly what we were trying to compute.

Now, the questions in your comments appear to be asking about the details of this recombination step. It is actually fairly easy to see the correctness of the algorithm. To make the last step work, we need to show that we have come up with a value m such that:
0 &\le m < pq\\
m &\equiv m_1 \mod p\\
m &\equiv m_2 \mod q\end{aligned}" />

As for the the first criteria , well, that’s straight-forward; we know that , and , and so the smallest that m can be is , and the largest it can be is

As for the third criteria, that’s also straight-forward;

Now, is defined to be the number that, when multiplied by q modulo p, results in 1, or . Now, because the above equation is, in fact, computed modulo p, we can replace with 1, which gives us:

Program for secure communication
================================

My following program was written using Python language. It includes 4 main parts:

- Take user text input from the console and encrypt it using AES-128 using built-in library Crypto.Cipher

- Encrypt the AES key using RSA where prime p,q were generated
randomly with the length of 1024 bits

- Decrypt the message using AES128 decryption and print it on
the screen.

Report of execution time
========================

Each execution of the encryption and decryption functions is too short. Therefore, I measure the average time of total 1000 executions to compare between each method. To ensure that the time measurement does not affect the process execution, this program used an external call based on Python’s ’timer’ library to calculate the difference between start and end of each run in milliseconds.

Table time shows the execution time of RSA scheme is much larger than AES128 scheme. This result explains why RSA should being used in key exchange while parties encrypt their information using AES cryptosystem. Another significant result is that the RSA-CRT decryption method is approximately 3 times faster than normal RSA decryption.

Hope this article can bring cryptography motivation to some Math/IT students and players who were exhausted in enjoying CTF challenges, or at least it can be a good reference for somebody.